A guide to finding subdomain takeovers with ProjectDiscovery tools by Brendan O’Leary! 🚀

#hackwithautomation #security #bugbounty

blog.projectdiscovery.io/using-pd-tools…

Pro tip: Set a cronjob for pdtm to update all your ProjectDiscovery tools automatically.

⌨️ 0 9 * * * /path/to/pdtm -ua

This will update your PD tools every day at 9AM! 🚀

#hackwithautomation #security #hacking

🚨Alert🚨 CVE-2023-24243 #CData #vulnerability
Search Link:
hunter.how/list?searchVal…

Other Dorks：
💁 Shodan: http.html:'CData Arc'
💁‍♂️ FOFA: body='CData Arc'
💁‍♀️ Censys: services.http.response.body:'CData Arc'

Huge shout-out to 🙌🙌🙌 : DEVCORE
Refer to
gist.github.com/d3vc0r3/6460a5…

Prompt Engineering for Programmers ⌨️

CouchDB Erlang Distribution - Remote Command Execution(CVE-2022-24706) CRITICAL 🚨

nuclei -t /network/cves/2022/CVE-2022-24706.yaml -l ips.txt

nuclei Link:
github.com/projectdiscove…

Follow the thread to see how the template created 😼
#hackwithautomation #pdteam #nuclei

A guide to abusing reverse proxies: Part 1 - Metadata 🌨

⚛️ Discover how nuclei templates can help identify reverse proxy misconfigurations across various cloud providers in this blog! 👇

#nuclei101 #nucleitemplates #hackwithautomation

blog.projectdiscovery.io/abusing-revers…

It's not easy being a woman, but once you learn about these hacks, they'll become a part of your daily routine. ✨

It's not easy being a woman, but once you learn about these hacks, they'll become a part of your daily routine. ✨

🚨Alert🚨 CVE-2023-34960 #Chamilo #CMS #RCE

Search Link：
hunter.how/list?searchVal…

Other Dorks
1⃣️FOFA: body='content=\'Chamilo 1'
2⃣️Shodan: http.component:'Chamilo'

Thanks to：Aituglo
Refer to：github.com/Aituglo/CVE-20…
#infosec urity #infosec

Maybe a mobile bugbounty platform？
Powered by ProjectDiscovery & Termux
nuclei ProjectDiscovery.io Christian B. yesimxev
#BugBounty #bugbountytips #nuclei #projectdiscovery #hackwithautomation
#opensource #security

🚨Nuxt.Js Vulnerabilities 🔥 nuclei

1. Arbitrary File Read in Dev Mode - Nuxt.js [high]
2. Semi Arbitrary File Read in Dev Mode - Nuxt.js [medium]
3. Error Page XSS - Nuxt.js [medium]

Nuclei Template - github.com/projectdiscove…

#bugbounty #hackwithautomation #pdteam

Nuclei-Templates release v9.3.7🎉 github.com/projectdiscove…

👥 Closed 56 PRs this week

⚡️ New Templates Added: 58

Harsh Jaiswal Rahul Maini Dhiyaneshwaran GwanYeongKim Aman Rawat

#nuclei #hackwithautomation #bugbounty #infosec
nuclei

🔥Highlights :

An introduction to abusing reverse proxies with nuclei! 👇

#nuclei101 #hackwithautomation #security

blog.projectdiscovery.io/abusing-revers…

Update all of your ProjectDiscovery tools with pdtm! 🚀

pdtm also updates itself now too! 💪

⭐️ Install pdtm 👉 github.com/projectdiscove…

Keeping up to date could not be easier than this 👇

#hackwithautomation #security #hacking

Using wildcard glob support in nuclei, you can quickly scan for CVEs of specific years, for example, 𝗻𝘂𝗰𝗹𝗲𝗶 -𝘁 '𝗰𝘃𝗲𝘀/𝗖𝗩𝗘-𝟮𝟬𝟮𝟬*' will scan for all the CVEs assigned in 2020 from nuclei templates project.

credit:nuclei

#nucleitips #hackwithautomation

Announcing Nuclei Cloud, a SaaS platform built on the top of nuclei open-source project to ease the automation experience at scale for everyone.

We've also raised $25M in Series A round led by
CRV 🙏

More details in the blog –– blog.projectdiscovery.io/announcing-nuc…

#hackwithautomation

#CVE -2023-34960 : Chamilo Command Injection 🔥

nuclei Nuclei Template - github.com/projectdiscove…

nuclei -uq 'http.component:'Chamilo'' -t CVE-2023-34960.yaml -vv

Payload Used : `{}`.pptx'|' |cat /etc/passwd||a #

#bugbountytips #hackwithautomation #pdteam #cve2023

Today, we are proud to announce the private beta of Nuclei Cloud – expanding the power of nuclei with enterprise-grade SaaS capabilities built on top of the open-source project.

Sign up today nuclei.sh

How to build a fast one-shot recon script to collect the info you need as a starting point for bug bounty testing! 🐞🪲🐛💥🔫

#HackwithAutomation #Bugbounty #Hacking 👇

blog.projectdiscovery.io/building-one-s…

You can use #httpx to request any path and see the status code and other details on the go, filter, or matcher flags if you want to be more specific.

httpx -path /swagger-api/ -status-code -content-length

credit:nuclei

#hackwithautomation #recon #bugbountytips #infosec

If you prefer viewing the raw DNS response from your DNS enumeration tools you can use the dnsx -raw option! 👇

Install now 👉 github.com/projectdiscove…

#hackwithAutomation #DNSenumeration #recon

Want to write complex exploits quickly? 🤔

⚛️ Nuclei allows you to create multi-step requests without programming knowledge! 🤯

Check out this step-by-step breakdown of the Nuclei template for CVE-2020-8193 👇

#Nuclei101 #hackwithautomation #bugbounty

blog.projectdiscovery.io/nuclei-unleash…

CVE-2023-24243 - CData RSB Connect - Server Side Request Forgery (high) 🚨

Nuclei Template :
github.com/projectdiscove…

CLI command :
nuclei -uq 'http.favicon.hash:163538942' -t CVE-2023-24243.yaml -vv

nuclei #hackwithautomation #bugbounty #pdteam #infosec #poc

Our website: http://hackbit.dao

#hack bit #Hacked #HackersNews #HackTheBox #hack s #hack withautomation #hack athon #hack

Did you know Nuclei can be used to match and extract data from files within a folder hierarchy? 🗃

Check out this example of how Nuclei can search recursively through directories to extract API keys based on the regex specified in the template! 😎

#Nuclei101 #HackWithAutomation

XSS POC Videos

youtube.com/playlist?list=…

#hackwithautomation #cybersecurity #crawler #bugbounty #infosec #bugbounty tips #hacking #ChatGPT #xss #sqli #sqli njection #pentesting #CTF #recon #hackerone #bugcrowd #ethicalhacking